I figured this didn't really fit into the "help" categories... maybe it does... i dunno.

anyway-- i was helping someone who i met here quite recently. we met on Y! msgr and i received some files. the guy (a fine fellow, i'm sure) is using some IDE which, not only does it insert deprecated functions such as mysql_create_db(), it seems to have him all mixed up! i'm not saying i have little faith in the 'programmer' because it looks like he's working on a cool idea, but i don't know how he ended up w/ some of this stuff. i guess the bottom line for him is this question: "do you want to learn to write php apps, or do you want to make one or two simple apps to satisfy your basic needs at the moment". in no way am i trying to say he's going about things the wrong way-- 'cause who's to tell someone what the do and do not need to learn, ya know? anyway...

apparently, this IDE makes "PHP include's" filename.php's for every damn fucntion- (eg. include dbconn.php; include dbselect.php, etc, etc) and then the html body, etc sliced up w/ a lot of <?php ?> open and close tags. to me, that is just plain confusing, although i could see how one might theorize that it is "clean" code. i dunno.

anyway-- the point is-- something about what i received-- the .php and the SQL caused my Apache2 to crash-- twice! the first time it was when i ran one of the php files in an attempt to help this guy w/ a query-- and the second was merely by opening up phpmyadmin and browsing the tables! how weird is that?

so-- has anyone ever experieced this? my theory is that it was because of mysql_pconnect() and i never closed the connection, but XP couldnt' restart the Apache service-- only a complete reboot fixed 'er up.

i'm curious to hear your advice on such things. i realize the inherent security risks, but i also enjoy helping others. what, if anything, could i do to prevent this from happening? should i have taken a better look at the code before running it? but-- there wasn't really anything there, sans the $dbconn and a simple mysql_query and a while loop! nothing! really-- i have no idea what caused this weirdness.

just looking for somefeedback from the wise ones up here on the hill. it doesn't have to he any "how to" type feedback at all-- just wanna hear your thoughts, opnion, and help too if you have some regarding "precautionary security".

thanks!

    do you want to learn to write php apps, or do you want to make one or two simple apps to satisfy your basic needs at the moment".

    From what I've seen the majority of phpers face that question, and the majority fall into the second camp.

    apparently, this IDE makes "PHP include's" filename.php's for every damn fucntion- (eg. include dbconn.php; include dbselect.php, etc, etc) and then the html body, etc sliced up w/ a lot of <?php ?> open and close tags. to me, that is just plain confusing, although i could see how one might theorize that it is "clean" code. i dunno.

    Theoretically that is a good model(I'm thinking MVC with ``php as a template''), and supported by quite a few advanced phpers. However, having includes for each function seems a bit insane and it would probably be better to have chunks of common functions in the file, or better yet objects, though that is slower in 4. I suppose thats what you get with an IDE.

    As for executing files on your devel it depends on what you use your devel for. Since your using XP I'm not aware of too much you can do to actual secure anything(if you haven't heard, Bill doesn't like open source, he likes open computers). So what I would reccomend doing is to download GNU grep or gawk for windows. Then right up a shell script with all the iffy security functions(you can probably find a list online, but stuff like directories is able to alter your computer) and run that script on any remote scripts. It's not bulletproof but it will alert you to any funky stuff their script might do that you missed(like reformating your harddrive).

    After that you'll want to edit php.ini to be a little more secure(I'd actually having multiple php.ini's that act in different ways. That way you can test your app to be work in different situations fairly easily.). You could also apply something like Hardend php, but that may be overkill.

    Most of the time it's not malice, but stupidity that causes problems like these. I'm not sure what happened, though. I'm curious if you could reproduce it, or if it was a one time fluke? I've had a lot of weirdness with php on windows with databases. Linux tends to be a little more stable, though I'm always amazed at how buggy and ackward php is with databases. You'd think the php team would realize how integral it is to any php script and do something about it rather than add Unicode.

      capiCrimm wrote:

      snip...
      amazed at how buggy and ackward php is with databases. You'd think the php team would realize how integral it is to any php script and do something about it rather than add Unicode.

      hey, capiCrimm. thanks for your reply! you've perked my ears up, and i'd like to investigate some of what you've discussed here-- namely the multiple php.ini files-- i wonder if something like that could help me to deal w/ stuff like incongruent configuration w/ my localhost and that of my hosting provider-- such that i have to rearrange my addslashes() / stripslashes() stuff-- which can be confusing, and certainly a bit of an annoyance!

      anyway-- i don't like to say my friend w/ the IDE is / was "stupid" for doing whatever it is he's doing-- but i would like to find a way to entice him to abandon that IDE as it seems to produce problematic code.

      hmm... it's late-- did i leave anything out. πŸ˜‰

      thanks again. i'll likely revisit this thread again 'cause i'm hoping to hear more about these multiple php.ini configs, and some of the other things you've brought to my attention -- in particular--

      download GNU grep or gawk for windows. Then right up a shell script with all the iffy security functions(you can probably find a list online, but stuff like directories is able to alter your computer) and run that script on any remote scripts.

      can you tell me a bit more about what's happening there -- if i were to follow your suggestion?

      thanks!!

      edit:
      (aside: hey! i just realized this is my first post of 2006. woohoo-- and happy new year to y'all! yeah, i know.. who cares, right? hey-- gimme some credit-- i'm trying really hard to be excited about it! heehee)

        capiCrimm wrote:

        I'm always amazed at how buggy and ackward php is with databases. You'd think the php team would realize how integral it is to any php script and do something about it rather than add Unicode.

        The issues PHP has with databases are something that you can code around .. use an abstraction layer.

        The issues PHP has with Unicode are not something you can code around. The only way to fix them is by fixing the language itself.

        Ergo unicode is more important.

        Besides, Unicode and the internationalisation of the internet is going to be a MASSIVE issue in the next 5 years or so. If you think you can get away with only using western european languages in your web development you'll in for a nasty suprise. It's quite amazing it's taken this long really.

          onion2k wrote:

          unicode is more important.

          Besides, Unicode and the internationalisation of the internet is going to be a MASSIVE issue in the next 5 years or so. If you think you can get away with only using western european languages in your web development you'll in for a nasty suprise. It's quite amazing it's taken this long really.

          it's funny to think about how my little apache crash story has led to this-- but this is indeed QUITE the interesting subject.

          onion, do you have anything else you'd like to share on it? when we talk of unicode as related to php, accessibility (as i would think of it, coming from the xhtml, web standards camp, etc)-- how does it play into the whole story?

          i don't know much about Unicode, but by "instinct" (as i havent done the reseach) and from what little knowledge i have of UTF8, i've been selecting unicode - UTF8 as the Collation for MySQL (don't understand why it defaults to Latin1_swedish_ci when working in phpMyAdmin, nor do i understand "collation" itself yet) but i did bookmark this site on unicode - "unicode dot org" some time ago, knowing that it was something i would want to research in detail someday. ha! not sure how i landed there either, but it just goes to show that it is prevalent-- obviously (the very name?)

          now i'm quite interested!

            onion2k wrote:

            The issues PHP has with databases are something that you can code around .. use an abstraction layer.

            Such as PHP's [man]PDO[/man].

            Besides, Andi Gutmans has noted (I haven't got the citation handy) that if you insist on having the same interface for all databases, you're pretty much reduced to the lowest common denominator and you miss out on all the facilities that are missing from one or the other database; views, stored procedures, triggers, stuff like that: if one supported database doesn't have it, you can't use it in any of the others either unless you throw out the abstraction layer.

              ATS16805 wrote:

              it's funny to think about how my little apache crash story has led to this-- but this is indeed QUITE the interesting subject.

              That's the power of the Echo Lounge. You shout "Hello!" and a booming voice comes back "Wiiinn....sttoooonnnn".

              nor do i understand "collation" itself yet

              It's the locale's definition of alphabetical order. Does "ΓΌ" come before or after "v"? What about &#936; or Ε’ or &#1510;?

                Weedpacket wrote:

                It's the locale's definition of alphabetical order. Does "ΓΌ" come before or after "v"? What about &#936; or Ε’ or &#1510;?

                aaahhhh..
                that's easy enough! thanks-- you saved me 2 things-- one, the weird feeling of always wonder what the heck it is until doing the necessary research, and 2-- the research! πŸ˜‰ . thanks! is there much more to it, or can i consider myself now a guy who knows a little about collation-- enough to know that Latin would alphabetize A before Z, etc? .... hmm-- so, i probably do want to use Latin... but wait, then we get back to Onion2k's point about internationalism...

                aw shucks!

                well-- i guess what it comes down to then is this:
                how does Unicode alphabetize the Western European/ Latin alphabet? i see there is a nice bit of info provided by phpMyAdmin on the subject (at least my phpMyAdmin 2.6.4-pl4), albeit-- not much more than superficial descriptions.

                is this even what Onion2k was talking about, or am i missing the point? seems that unicode, the one i use when i remember to do so, Utf8_unicode_ci - is Unicode, multilingual, case-insensitive -- how does that work exactly?

                ps: do i reek of "newb" w/ all my myphpadmin talk, or what?
                πŸ™‚
                honestly though-- i worked from the command line for the first several weeks of my learning, and avoided phpmyadmin because i found it's "abstraction", if you can even call it that, to be a bit intimidating. probably because it seemed so vast at first, when all i wanted to do was Create DB's and grant some priv's. -- but now i find it to be empowering! i suppose one goes through phases at this point in the learning process, eh?

                  hello there-- coincidentally, as i was looking for a schwa moments ago (which, by the way, apparently does NOT exist for coding into HTML! even www.dictionary.com uses a .gif i realized!), i referenced the good ol' W3C, and never disappointed w/ the good folks there, i found their Recommendation for Character Entity References. indeed, what great folks at the W3C! however, in typical W3C fashion, of course it will require a fine tooth comb and no hasty, cursory glance will yeild much return-- would anyone happen to know of a URL for a graphically illustrated list which could claim to be nearly as complete as that at the W3
                  (Jeffie wants pictures!?! what good is a book w/out pictures! all these words! how's anyone supposed to get anyth...)

                  anyway-- i thought it seemed relevant-- after all, a subsection is devoted to "internationalization characters", so i hope someone gets some use of it while reading this thread some day

                  (ha! yeah, like many more than 5 people are going to make it past my first 3 sentences up top!)

                    ATS16805 wrote:

                    would anyone happen to know of a URL for a graphically illustrated list which could claim to be nearly as complete as that at the W3

                    Why, certainly; the Unicode Consortium themselves publish such a list; being an IPA symbol, the schwa (or, as I call it "the most boring sound in the English language") is listed among the phonetic symbols, as character 0x0259 - or &#38;#0601;. But like I say, whether a given font contains &#0601; is another matter. Whether there is an equivalent named entity depends on the DTD specified for the document, so (apart from &lt; &gt; &apos; &quot; or &ampπŸ˜‰ if it's not in that list it doesn't have a named equivalent.

                      rock n roll, man! do you come packaged as a Firefox Extension!?!? πŸ™‚
                      now that is something i would find useful! "... just double click on it, and the Weedpacket extension will ... "
                      πŸ˜‰

                        would it stand to reason then, that-- going w/ your (and mine, btw) line of thought about all fonts are rectangles, but not all rectangles are fonts-- that one, a desinger such as myself perhaps, could be confident in using one of these fonts for any sections in my HTML where i would like to present such Unicode, and have the comfort knowing that my audience will likely see it (and hear it in a screen reader, if applicable, i presume)?

                          Write a Reply...